< Summary

Information
Class: Spdx3.Model.Security.Classes.VexNotAffectedVulnAssessmentRelationship
Assembly: Spdx3
File(s): /home/runner/work/Spdx3/Spdx3/Spdx3/Model/Security/Classes/VexNotAffectedVulnAssessmentRelationship.cs
Line coverage
100%
Covered lines: 12
Uncovered lines: 0
Coverable lines: 12
Total lines: 59
Line coverage: 100%
Branch coverage
100%
Covered branches: 4
Total branches: 4
Branch coverage: 100%
Method coverage

Feature is only available for sponsors

Upgrade to PRO version

Metrics

MethodBranch coverage Crap Score Cyclomatic complexity Line coverage
get_ImpactStatement()100%11100%
get_ImpactStatementTime()100%11100%
get_JustificationType()100%11100%
.ctor()100%11100%
.ctor(...)100%11100%
Validate()100%44100%

File(s)

/home/runner/work/Spdx3/Spdx3/Spdx3/Model/Security/Classes/VexNotAffectedVulnAssessmentRelationship.cs

#LineLine coverage
 1using System.Diagnostics.CodeAnalysis;
 2using System.Text.Json.Serialization;
 3using Spdx3.Exceptions;
 4using Spdx3.Model.Core.Classes;
 5using Spdx3.Model.Core.Enums;
 6using Spdx3.Model.Security.Enums;
 7using Spdx3.Serialization;
 8using Spdx3.Utility;
 9
 10namespace Spdx3.Model.Security.Classes;
 11
 12/// <summary>
 13/// Links a vulnerability and one or more elements designating the latter as products not affected by the vulnerability.
 14/// See https://spdx.github.io/spdx-spec/v3.0.1/model/Security/Classes/VexNotAffectedVulnAssessmentRelationship/
 15/// </summary>
 16public class VexNotAffectedVulnAssessmentRelationship : VexVulnAssessmentRelationship
 17{
 18    [JsonPropertyName("security_impactStatement")]
 19    [JsonConverter(typeof(SpdxModelConverterFactory))]
 1420    public string? ImpactStatement { get; set; }
 21
 22    [JsonPropertyName("security_impactStatementTime")]
 23    [JsonConverter(typeof(SpdxModelConverterFactory))]
 224    public DateTimeOffset? ImpactStatementTime { get; set; }
 25
 26    [JsonPropertyName("security_justificationType")]
 27    [JsonConverter(typeof(SpdxModelConverterFactory))]
 1328    public VexJustificationType? JustificationType { get; set; }
 29
 30    // protected internal no-parm constructor required for deserialization
 31#pragma warning disable CS8618, CS9264
 132    protected internal VexNotAffectedVulnAssessmentRelationship()
 33    {
 134    }
 35#pragma warning restore CS8618, CS9264
 36
 37    [SetsRequiredMembers]
 38    public VexNotAffectedVulnAssessmentRelationship(Catalog catalog, CreationInfo creationInfo, Vulnerability from,
 339        List<Element> to) : base(catalog, creationInfo, RelationshipType.doesNotAffect, from, to)
 40    {
 341    }
 42
 43
 44    public override void Validate()
 45    {
 646        base.Validate();
 47
 48        /*
 49         Both impactStatement and justificationType properties have a cardinality of 0..1 making them optional.
 50         Nevertheless, to produce a valid VEX not_affected statement, one of them MUST be defined.
 51         This is specified in the Minimum Elements for VEX.
 52         */
 653        if (ImpactStatement == null && JustificationType == null)
 54        {
 155            throw new Spdx3ValidationException(
 156                "At least one of ImpactStatement and/or JustificationType must be specified.");
 57        }
 558    }
 59}
Generated by: ReportGenerator 5.4.7.0
06/11/2025 - 00:44:31
GitHub | reportgenerator.io

Methods/Properties

get_ImpactStatement()
get_ImpactStatementTime()
get_JustificationType()
.ctor()
.ctor(Spdx3.Utility.Catalog,Spdx3.Model.Core.Classes.CreationInfo,Spdx3.Model.Security.Classes.Vulnerability,System.Collections.Generic.List`1<Spdx3.Model.Core.Classes.Element>)
Validate()